Skip to content

[client] Avoid logging setup keys on error message #3962

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[client] Avoid logging setup keys on error message #3962

wants to merge 1 commit into from
+1 −1

Conversation

mlsmaycon
Copy link
Collaborator

@mlsmaycon mlsmaycon commented Jun 12, 2025
edited
Loading

Describe your changes

Issue ticket number and link

NET-212

Stack

Checklist

  • Is it a bug fix
  • Is a typo/documentation fix
  • Is a feature enhancement
  • It is a refactor
  • Created tests that fail without the change (if possible)
  • Extended the README / documentation, if necessary

By submitting this pull request, you confirm that you have read and agree to the terms of the Contributor License Agreement.

@Copilot Copilot AI review requested due to automatic review settings June 12, 2025 11:28
Copilot
Copilot AI reviewed Jun 12, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This pull request removes sensitive setup key information from error logs during the peer registration process.

  • Removed logging of the setup key when errors occur.
  • Update focuses on avoiding leakage of sensitive credentials via log messages.
Comments suppressed due to low confidence (1)

client/internal/login.go:151

  • Good change; this update improves security by not logging the sensitive setup key. Verify that no other parts of the system log sensitive credentials inadvertently.
log.Errorf("failed registering peer %v", err)

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

lixmal
lixmal reviewed Jun 12, 2025
View reviewed changes
client/internal/login.go
Comment on lines +151 to 152
log.Errorf("failed registering peer %v", err)
return nil, err
Copy link
Collaborator

@lixmal lixmal Jun 12, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
log.Errorf("failed registering peer %v", err)
return nil, err
return nil, fmt.Errorf("register peer: %w", err)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lixmal lixmal lixmal approved these changes

Copilot code review Copilot Copilot left review comments

@hakansa hakansa hakansa approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mlsmaycon @lixmal @hakansa